Verifi CodeFix
Verifi CodeFix is a versioned store of verified patches for vulnerable and malicious packages. Workflows pull fixes from it, so remediation is a known-good change rather than a guess.
Verified fixes
Patches that have been checked, not auto-generated suggestions you have to second-guess.
Consumed by automation
Verifi Workflows pulls the right fix and opens the PR against the affected repos.
Evidence-backed
Every fix traces to the finding it resolves.
Verifi CLI
An open-source CLI to scan packages and projects from your terminal and CI. It runs the Verifi detection engine.
Verifi Firewall
A registry proxy that blocks bad packages before they install. It sits in front of Nexus or Artifactory, or runs standalone.
Verifi Intel
A threat-intelligence corpus, public research, and a feed and API. It also powers this site's research and blog.
Verifi Workflows
Automated remediation and supply-chain incident response. A vertical SOAR built for the supply chain.